Fix tests of podman image trust --raw and --json

Instead using the OS-wide system default policy, use
the one in this repo, and adjust the expected results
(as well as making the test stricter).

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
Miloslav Trmač 2021-10-21 22:32:34 +02:00
parent 53ff49237b
commit adee084d65
1 changed files with 36 additions and 8 deletions

View File

@ -73,24 +73,52 @@ var _ = Describe("Podman trust", func() {
})
It("podman image trust show --json", func() {
session := podmanTest.Podman([]string{"image", "trust", "show", "--json"})
session := podmanTest.Podman([]string{"image", "trust", "show", "--registrypath", filepath.Join(INTEGRATION_ROOT, "test"), "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json"), "--json"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
Expect(session.IsJSONOutputValid()).To(BeTrue())
var teststruct []map[string]string
json.Unmarshal(session.Out.Contents(), &teststruct)
Expect(teststruct[0]["name"]).To(Equal("* (default)"))
Expect(teststruct[0]["repo_name"]).To(Equal("default"))
Expect(teststruct[0]["type"]).To(Equal("accept"))
Expect(teststruct[1]["type"]).To(Equal("insecureAcceptAnything"))
Expect(len(teststruct)).To(Equal(3))
// To ease comparison, group the unordered array of repos by repo (and we expect only one entry by repo, so order within groups doesnt matter)
repoMap := map[string][]map[string]string{}
for _, e := range teststruct {
key := e["name"]
repoMap[key] = append(repoMap[key], e)
}
Expect(repoMap).To(Equal(map[string][]map[string]string{
"* (default)": {{
"name": "* (default)",
"repo_name": "default",
"sigstore": "",
"transport": "",
"type": "accept",
}},
"docker.io/library/hello-world": {{
"name": "docker.io/library/hello-world",
"repo_name": "docker.io/library/hello-world",
"sigstore": "",
"transport": "",
"type": "reject",
}},
"registry.access.redhat.com": {{
"name": "registry.access.redhat.com",
"repo_name": "registry.access.redhat.com",
"sigstore": "https://access.redhat.com/webassets/docker/content/sigstore",
"transport": "",
"type": "signedBy",
"gpg_id": "security@redhat.com, security@redhat.com",
}},
}))
})
It("podman image trust show --raw", func() {
session := podmanTest.Podman([]string{"image", "trust", "show", "--raw"})
session := podmanTest.Podman([]string{"image", "trust", "show", "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json"), "--raw"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
contents, err := ioutil.ReadFile(filepath.Join(INTEGRATION_ROOT, "test/policy.json"))
Expect(err).ShouldNot(HaveOccurred())
Expect(session.IsJSONOutputValid()).To(BeTrue())
Expect(session.OutputToString()).To(ContainSubstring("default"))
Expect(session.OutputToString()).To(ContainSubstring("insecureAcceptAnything"))
Expect(string(session.Out.Contents())).To(Equal(string(contents) + "\n"))
})
})